Setup credential store for Docker login

By default Docker login will store all the sensitive password in to ~/.docker/config, and form the console, it raise a warning like:

WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

When I follow the referring document, it seems not that clear for me to finish the setup, I created this article to record the detailed step for that.

Here is the tools that we need in this article:

1. GnuPG, you can refer my previous link to know how to backup/restore the GPG keys
2. pass
3. docker-credential-helper you should select the pass version

We will remove all the store related configuration files to get start.

rm -rf ~/.password-store

config pass

pass init "your-gpg-key-email"

all the pass data is in ~/.password-store

setup the docker-credential-pass

You need to have the docker-crendetial-pass in path

tar xvzf docker-credential-pass-v0.6.4-amd64.tar.gz

mkdir ~/bin/
mv docker-crendential-pass ~/bin

# add in ~/.bashrc
export PATH=/home/kelvin/bin:$PATH:

# initialize the pass
pass insert docker-credential-helpers/docker-pass-initialized-check

# show the pass
pass show docker-credential-helpers/docker-pass-initialized-check

# check the store 
docker-credential-pass list
#{}

setup docker

remove the existed ~/.docker/config.json, create a new one:
add

{
 "credsStore": "pass"
}

in ~/.docker/config.json.

docker logout

docker login -U usernmae docker-registry-server-url

now all the password is stored in credential store.

docker-credential-pass list
{
    "docker-registry-server-url:6050":"deploy-key-user",
}